2 * <security/pam_modules.h>
4 * $Id: pam_modules.h,v 1.8 1997/01/04 20:14:42 morgan Exp morgan $
5 * $FreeBSD: src/contrib/libpam/libpam/include/security/pam_modules.h,v 1.2.6.2 2001/06/11 15:28:14 markm Exp $
7 * This header file documents the PAM SPI --- that is, interface
8 * between the PAM library and a PAM service library which is called
11 * Note, the copyright information is at end of file.
13 * $Log: pam_modules.h,v $
14 * Revision 1.8 1997/01/04 20:14:42 morgan
15 * moved PAM_DATA_SILENT to _pam_types.h so applications can use it too
17 * Revision 1.7 1996/11/10 19:57:08 morgan
18 * pam_get_user prototype.
20 * Revision 1.6 1996/09/05 06:18:45 morgan
21 * added some data error_status masks, changed prototype for cleanup()
23 * Revision 1.5 1996/06/02 07:58:37 morgan
24 * altered the way in which modules obtain static prototypes for
29 #ifndef _SECURITY_PAM_MODULES_H
30 #define _SECURITY_PAM_MODULES_H
33 * Define either PAM_STATIC or PAM_DYNAMIC, based on whether PIC
34 * compilation is being used.
36 #if !defined(PIC) && !defined(PAM_STATIC)
44 #include <linker_set.h>
47 #include <security/_pam_types.h> /* Linux-PAM common defined types */
49 /* these defines are used by pam_set_item() and pam_get_item() and are
50 * in addition to those found in <security/_pam_types.h> */
52 #define PAM_AUTHTOK 6 /* The authentication token (password) */
53 #define PAM_OLDAUTHTOK 7 /* The old authentication token */
55 /* -------------- The Linux-PAM Module PI ------------- */
57 extern int pam_set_data(pam_handle_t *pamh, const char *module_data_name,
59 void (*cleanup)(pam_handle_t *pamh, void *data,
61 extern int pam_get_data(const pam_handle_t *pamh,
62 const char *module_data_name, const void **data);
64 extern int pam_get_user(pam_handle_t *pamh, const char **user
65 , const char *prompt);
69 #define PAM_EXTERN static
72 const char *name; /* Name of the module */
74 /* These are function pointers to the module's key functions. */
76 int (*pam_sm_authenticate)(pam_handle_t *pamh, int flags,
77 int argc, const char **argv);
78 int (*pam_sm_setcred)(pam_handle_t *pamh, int flags,
79 int argc, const char **argv);
80 int (*pam_sm_acct_mgmt)(pam_handle_t *pamh, int flags,
81 int argc, const char **argv);
82 int (*pam_sm_open_session)(pam_handle_t *pamh, int flags,
83 int argc, const char **argv);
84 int (*pam_sm_close_session)(pam_handle_t *pamh, int flags,
85 int argc, const char **argv);
86 int (*pam_sm_chauthtok)(pam_handle_t *pamh, int flags,
87 int argc, const char **argv);
91 #define PAM_SM_AUTH_ENTRY pam_sm_authenticate
92 #define PAM_SM_SETCRED_ENTRY pam_sm_setcred
94 #define PAM_SM_AUTH_ENTRY NULL
95 #define PAM_SM_SETCRED_ENTRY NULL
99 #define PAM_SM_ACCOUNT_ENTRY pam_sm_acct_mgmt
101 #define PAM_SM_ACCOUNT_ENTRY NULL
104 #ifdef PAM_SM_SESSION
105 #define PAM_SM_OPEN_SESSION_ENTRY pam_sm_open_session
106 #define PAM_SM_CLOSE_SESSION_ENTRY pam_sm_close_session
108 #define PAM_SM_OPEN_SESSION_ENTRY NULL
109 #define PAM_SM_CLOSE_SESSION_ENTRY NULL
112 #ifdef PAM_SM_PASSWORD
113 #define PAM_SM_PASSWORD_ENTRY pam_sm_chauthtok
115 #define PAM_SM_PASSWORD_ENTRY NULL
118 #define PAM_MODULE_ENTRY(name) \
119 static struct pam_module _pam_modstruct = { \
122 PAM_SM_SETCRED_ENTRY, \
123 PAM_SM_ACCOUNT_ENTRY, \
124 PAM_SM_OPEN_SESSION_ENTRY, \
125 PAM_SM_CLOSE_SESSION_ENTRY, \
126 PAM_SM_PASSWORD_ENTRY \
128 DATA_SET(_pam_static_modules, _pam_modstruct)
130 #else /* !PAM_STATIC */
132 #define PAM_EXTERN extern
133 #define PAM_MODULE_ENTRY(name)
135 #endif /* PAM_STATIC */
137 /* Lots of files include pam_modules.h that don't need these
138 * declared. However, when they are declared static, they
139 * need to be defined later. So we have to protect C files
140 * that include these without wanting these functions defined.. */
142 #if (defined(PAM_STATIC) && defined(PAM_SM_AUTH)) || !defined(PAM_STATIC)
144 /* Authentication API's */
145 PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
146 int argc, const char **argv);
147 PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags,
148 int argc, const char **argv);
150 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_AUTH))
151 || !defined(PAM_STATIC)*/
153 #if (defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT)) || !defined(PAM_STATIC)
155 /* Account Management API's */
156 PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
157 int argc, const char **argv);
159 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT))
160 || !defined(PAM_STATIC)*/
162 #if (defined(PAM_STATIC) && defined(PAM_SM_SESSION)) || !defined(PAM_STATIC)
164 /* Session Management API's */
165 PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
166 int argc, const char **argv);
168 PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
169 int argc, const char **argv);
171 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_SESSION))
172 || !defined(PAM_STATIC)*/
174 #if (defined(PAM_STATIC) && defined(PAM_SM_PASSWORD)) || !defined(PAM_STATIC)
176 /* Password Management API's */
177 PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
178 int argc, const char **argv);
180 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_PASSWORD))
181 || !defined(PAM_STATIC)*/
183 /* The following two flags are for use across the Linux-PAM/module
184 * interface only. The Application is not permitted to use these
187 * The password service should only perform preliminary checks. No
188 * passwords should be updated. */
189 #define PAM_PRELIM_CHECK 0x4000
191 /* The password service should update passwords Note: PAM_PRELIM_CHECK
192 * and PAM_UPDATE_AUTHTOK can not both be set simultaneously! */
193 #define PAM_UPDATE_AUTHTOK 0x2000
197 * here are some proposed error status definitions for the
198 * 'error_status' argument used by the cleanup function associated
199 * with data items they should be logically OR'd with the error_status
200 * of the latest return from libpam -- new with .52 and positive
201 * impression from Sun although not official as of 1996/9/4 there are
202 * others in _pam_types.h -- they are for common module/app use.
205 #define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
207 /* take care of any compatibility issues */
208 #include <security/_pam_compat.h>
210 /* Copyright (C) Theodore Ts'o, 1996.
211 * Copyright (C) Andrew Morgan, 1996-8.
212 * All rights reserved.
214 * Redistribution and use in source and binary forms, with or without
215 * modification, are permitted provided that the following conditions
217 * 1. Redistributions of source code must retain the above copyright
218 * notice, and the entire permission notice in its entirety,
219 * including the disclaimer of warranties.
220 * 2. Redistributions in binary form must reproduce the above copyright
221 * notice, this list of conditions and the following disclaimer in the
222 * documentation and/or other materials provided with the distribution.
223 * 3. The name of the author may not be used to endorse or promote
224 * products derived from this software without specific prior
225 * written permission.
227 * ALTERNATIVELY, this product may be distributed under the terms of
228 * the GNU General Public License, in which case the provisions of the
229 * GNU GPL are required INSTEAD OF the above restrictions. (This
230 * clause is necessary due to a potential bad interaction between the
231 * GNU GPL and the restrictions contained in a BSD-style copyright.)
233 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
234 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
235 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
236 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
237 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
238 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
239 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
240 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
241 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
242 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
243 * OF THE POSSIBILITY OF SUCH DAMAGE. */
245 #endif /* _SECURITY_PAM_MODULES_H */